- Published on
Exploiting HTTP Parameter Smuggling in Golang
- Authors
- Name
- Hao Chen
- @haoel
Content
https://www.oxeye.io/blog/golang-parameter-smuggling-attack
Link Preview
- https://www.oxeye.io/blog/golang-parameter-smuggling-attack
- “ParseThru” – Exploiting HTTP Parameter Smuggling in Golang
- Oxeye’s security research team has found a security vulnerability in Golang-based applications. Under certain conditions, it lets a threat actor bypass validations based on HTTP request parameters due to the use of unsafe URL parsing.